Threat Update 44 – Ransomware Early Warning: DNS Recon
source link: https://www.varonis.com/blog/threat-update-44-ransomware-early-warning-dns-recon/
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
Threat Update 44 – Ransomware Early Warning: DNS Recon
Inside Out Security Blog » Threat Detection » Threat Update 44 – Ransomware Early Warning: DNS Recon
Ransomware gangs use every trick in the book to find and steal data before encrypting it. After landing in a new organization, they need to map out the resources, identify additional machines they want to compromise, and try to figure out which systems are the “juicy targets” storing valuable data.
There are several tactics for this, but one of the easiest and most direct ways is to leverage a common function virtually everywhere: DNS.
Join Kilian and Kyle Roth from the Varonis Incident Response team as they discuss what DNS is, how it works, and how attackers can “live off the land” to map out an organization’s network using a few command-line tools built into every OS.
Articles referenced in this video:
What is DNS, How it Works + Vulnerabilities
👋To learn how else we can help, please visit us at: https://www.varonis.com/help/
👉Varonis customers also get access to great educational content to help support them on their journey: https://www.varonis.com/how-to-videos/
Kilian Englert
Kilian has a background in enterprise security engineering, as well as security solution selling. Kilian is a Certified Information Systems Security Professional (CISSP) and creates internal and public content on topics related to cyber security and technology best practices.
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK